DOE tries to spur development of defenses against Ukraine-style electrical grid cyberattack


The Department of Energy doled out $4 million in grant funding earlier this month to four different cybersecurity firms in an effort to spur the development of new technology that can help protect U.S. electricity delivery systems from hackers.

The research, development and demonstration projects “will lead to next generation tools and technologies that will become widely adopted to enhance and accelerate deployment of cybersecurity capabilities for the U.S. energy infrastructure, including cyber secure integration of smart grid technologies,” a summary within the original “Funding Opportunity” document from January 2016 reads.

Dubbed the “Chess Master Project,” the aforementioned $4 million joint research and development program will be conducted by Veracity Security Intelligence, Schweitzer Engineering Laboratories, Ameren Corporation and Sempra Energy, and will focus on creating autonomous scanning and cyberthreat risk reduction tools.

Schweitzer Engineering Laboratories is one of the world’s largest microprocessor-based electronic equipment developers. Veracity is a startup that provides cyberthreat intelligence services. Ameren is an energy distribution service provider. Sempra Energy is a San Diego-based Fortune 500 energy holding company.

The project will include the coding of software that can help operators monitor network traffic, behavior and different attack surfaces, establish new encrypted security controls and provide policies to help victims quickly respond to a breach.

“The Chess Master Project is an innovative approach to solve some of the biggest challenges to reducing the attack surface for industrial control systems (ICS) in an autonomous way,” a proposal to DOE notes. “The proposed project can be applied to new and legacy infrastructure by deploying the software centrally on the flow controller and simple switch replacements from traditional to SDN enabled switches. This solution is ideally suited for legacy systems that have end points that are no longer supported or patches are not available.”

Diagram showing net flow and other traffic controls being researched/developed under “Chess Master”

“Veracity would have picked up the Ukraine attack in the initial discovery phase when they were mapping out the network to find the vulnerabilities,” Myer wrote in an email. “Our platform sees all network traffic and any anomalous behavior is flagged and disallowed. All network traffic is tracked and enforced using a ‘white list’ or ‘deny by default’ approach that only allows approved behavior. In this case, the exploit would have been discovered, the traffic would be blocked — the packets would be dropped — and an alert would be sent to the administrator for further research.”
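The “deny by default” flow control described above can be sketched in a few lines. This is an added illustration, not code from Veracity or the Chess Master project: the addresses, approved flows and the scan threshold are constructed assumptions for a hypothetical substation network.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    src: str    # CIDR of approved sources
    dst: str    # CIDR of approved destinations
    proto: str
    dport: int

# Constructed allowlist (assumption): the only conversations the operator approved.
ALLOWLIST = [
    Rule("10.1.0.10/32", "10.1.1.0/24", "tcp", 502),    # HMI -> PLCs, Modbus/TCP
    Rule("10.1.0.10/32", "10.1.1.0/24", "tcp", 20000),  # HMI -> RTUs, DNP3
    Rule("10.1.1.0/24", "10.1.0.20/32", "udp", 514),    # devices -> syslog collector
]

def permitted(flow, rules=ALLOWLIST):
    """A flow passes only if it matches an explicit rule; there is no default allow."""
    src, dst, proto, dport = flow
    return any(
        ip_address(src) in ip_network(r.src)
        and ip_address(dst) in ip_network(r.dst)
        and proto == r.proto and dport == r.dport
        for r in rules
    )

def enforce(flows, rules=ALLOWLIST, scan_threshold=3):
    """Return (forwarded, dropped, alerts); every unmatched flow is dropped."""
    forwarded, dropped, targets = [], [], {}
    for flow in flows:
        if permitted(flow, rules):
            forwarded.append(flow)
        else:
            dropped.append(flow)
            targets.setdefault(flow[0], set()).add((flow[1], flow[3]))
    alerts = []
    for src, seen in sorted(targets.items()):
        # Many distinct unapproved targets from one source resembles network mapping.
        kind = "possible network mapping" if len(seen) >= scan_threshold else "unapproved flow"
        alerts.append((src, kind, len(seen)))
    return forwarded, dropped, alerts

# Constructed sample flows: (src, dst, proto, dport).
SAMPLE_FLOWS = [
    ("10.1.0.10", "10.1.1.5", "tcp", 502),   # approved Modbus poll
    ("10.1.1.5", "10.1.0.20", "udp", 514),   # approved syslog
    ("10.1.0.77", "10.1.1.5", "tcp", 22),    # unknown host probing devices
    ("10.1.0.77", "10.1.1.6", "tcp", 22),
    ("10.1.0.77", "10.1.1.7", "tcp", 445),
    ("10.1.0.10", "10.1.1.5", "tcp", 23),    # approved host, unapproved port
]
```

Note that the HMI's Telnet attempt is dropped even though the host itself is trusted: the allowlist approves specific conversations, not machines.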